Yes, keepalive in the server should be disabled by setting it to 0. It's an upcoming todo item to make nsopenssl work with the core server's keepalive mechanism but until then this should stop you from experiencing this problem. MSIE is fairly notorious for being buggy w/r to SSL.
/s.
On Nov 13, 2003, at 9:23 AM, Piotr Szuca wrote:
I had the same problem about one year ago. I know three solutions:
(1) disable "keepalive" (unfortunatelly it disables "keepalive" also for connections handled by "nssock" driver); (2) add "Connection: close" output header to every page handled by "nsopenssl" driver (but it slows down every connection handled by "nsopenssl" module); (3) use "nsopenssl" tagged "2_2beta6".
The problem arise when AS is closing connection after timeout, but the socket at the client side is not closed yet (this is a combination of two timeouts; it depends on the "keepalive" parameter and FIN_WAIT timeout on the client side).
Comment from ChangeLog of "nsopenssl":
ssl.c: in NsOpenSSLDestroyConn, if socket is valid, we shut it down before freeing the ccPtr datastructures. Apparently, the BIO_free_all causes two bytes to be sent over the socket that confuses Win32 clients.
Best regards,
Piotr Szuca
This may be similar to a problem I had a while ago. If I remember correctly the symptoms; if you went to a secure page, and sat there for a while, then went to another page, you would get a "page not found" error. What I had to do was to change the keepalivetimeout parameter to 0 in the nsd.tcl file. This disables that timeout. I believe it may have been Scott Goodwin who mentioned to try that. I think my original timeout was like 2 minutes, so to recreate it I would go to a page and sit there for two minutes, and then try to navigate to another. I could get the "page not found" every time. After changing it to 0, the problem went away. I also think it was somehow related to the version of the browser, perhaps Internet Explorer not handling keep-alive's correctly.
Vince
-- AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
-- AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
